Can a Cloud Provider Read Your Data ?

Advertisement

Can a Cloud Provider Read Your Data ? If you are jumping to answer either yes or no, that is not the answer. Whether the Cloud Provider read or not depends. It depends on many parameters which can give will give you the precise or at least a closer answer to the basic question : Can a Cloud Provider Read Your Data ?

Can a Cloud Provider Read Your Data : The Depending Parameters

If you are new to the terminology Cloud Computing, for this topic, we will suggest to read at least these articles :

So, the answer to the basic question – Can a Cloud Provider Read Your Data, is not becoming very simple.

Can a Cloud Provider Read Your Data : A Generalized Discussion

Generalized, because it is not possible to pin point your situation, your usage, your definition of reading by the others and many more. But, how do we know if our cloud provider can read our data? If your data is not encrypted and you manage your keys, someone on the other side can read your data. There are three simple indicators that confirm that your cloud provider (especially when it comes to SaaS) can read your data:

Advertisement

---

If you can see your data in a web browser only after entering the password of your account, the chances that your provider can read these data are very high. Being able to see the data in a web browser and hide them in conjunction with your provider requires a complex JavaScript code or Flash or ActiveX to decrypt and display the data locally.

If the cloud service offers both a desktop application and a web access for your easy access to your data with both using the same password for one account, it is very likely that your provider can read your data. The common access means that your account password is probably used to protect your data and is typically also used to unlock your encryption key.

If you have the access to a cloud service or application by just providing your user name and password, your provider can almost certainly read your data.

Can a Cloud Provider Read Your Data : The Practical Aspects

Just being able to access the data from any device to for a service like Dropbox or iCloud, the data is encrypted with a key, managed by the service provider. Of course, since Dropbox stores only file you can apply to this to your encryption before Dropbox sees them (i.e. uploaded a password protected zip file). This does not mean that services such as Dropbox or iCloud are necessarily insecure, they generally have extensive controls to prevent their employees spying the users’ folders. The owners or board of directors definitely nor sneak your data, but their employees can. The problem is that these services are not suitable for all users in all cases, especially for organizations or activities related to business users or research.

Ultimately, if you use Private Cloud, among the Cloud Services, this is most secured; Second will be IaaS and Hybrid Cloud, Third will be a simple Linux Cloud Virtual Private Server (VPS). There is practically no security for SaaS like you use the emails like GMail, Hotmail etc, Image services like Flicker. If you close the common ports, a Virtual Private Server actually becomes quite secure as no one can actually login to the root especially with extra security measures alert systems, logging etc.